[Secure-testing-commits] r43327 - data/CVE

Salvatore Bonaccorso Wed, 20 Jul 2016 21:39:07 -0700

Author: carnil
Date: 2016-07-21 04:38:44 +0000 (Thu, 21 Jul 2016)
New Revision: 43327


Modified:
   data/CVE/list
Log:
Add note for CVE-2016-5399

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-07-21 00:15:25 UTC (rev 43326)
+++ data/CVE/list       2016-07-21 04:38:44 UTC (rev 43327)
@@ -2351,6 +2351,10 @@
        - php7.0 <unfixed>
        - php5 <unfixed>
        NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72613
+       NOTE: Partial fixes in 7.0.9, 5.5.38
+       NOTE: CVE is assigned for the issue in PHP in adequate error handling 
in the
+       NOTE: bzread() function. Disputed by PHP upstream, which considers that 
the
+       NOTE: underlying bzip2 library is at fault.
 CVE-2016-5398
        RESERVED
 CVE-2016-5397


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43327 - data/CVE

Reply via email to